package com.yeu;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class RePassword
 */
@WebServlet("/RePassword")
public class RePassword extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public RePassword() {
		super();
		// TODO Auto-generated constructor stub
	}
	
	/** 获取真实用户IP **/
	public String getRemortIP(HttpServletRequest request) {
		if (request.getHeader("x-forwarded-for") == null) {
			return request.getRemoteAddr();
		} else {
			return request.getHeader("x-forwarded-for");
		}
	}

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.setContentType("text/html;charset=UTF-8"); 
		request.setCharacterEncoding("UTF-8");
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		request.setCharacterEncoding("UTF-8");
		response.setContentType("text/html;charset=utf-8"); // 设置响应报文的编码格式
		PrintWriter pw = response.getWriter();
		String userNumber = request.getParameter("userNumber");
		String password = request.getParameter("password");
		String againPassword = request.getParameter("againPassword");
		String choice = request.getParameter("choice");
		String safecode = request.getParameter("safecode");
		System.out.println("\nuserNumber：" + userNumber + "\npassword：" + password + "\nagainPassword：" + againPassword + "\nchoice：" + choice + "\nsafecode：" + safecode);

		if (userNumber.equals("") || password.equals("") || againPassword.equals("") || safecode.equals("")) {
			pw.println("请填写完整数据");
			pw.flush();
			return;
		}
		if (!password.equals(againPassword)) {
			pw.println("输入的两次密码不同");
			pw.flush();
			return;
		}
		
		/* 重置密码逻辑 */
		try {
			Connection connect = DBUtil.getConnect();
			Statement statement = (Statement) connect.createStatement(); // Statement可以理解为数据库操作实例，对数据库的所有操作都通过它来实现
			ResultSet result;

			String sqlQuery = "select * from " + DBUtil.TABLE_PASSWORD + " where userNumber='" + userNumber + "'";
			// 查询类操作返回一个ResultSet集合，没有查到结果时ResultSet的长度为0
			result = statement.executeQuery(sqlQuery); // 先查询同样的账号（比如手机号）是否存在
			if (result.next() && !userNumber.equals("")) { // 已存在 result.next()
				// 存在则对比安全码
				if (result.getString("choice").equals(choice) && result.getString("safecode").equals(safecode)) {
					sqlQuery = "update " + DBUtil.TABLE_PASSWORD + " set userPassword = '" + againPassword + "' where userNumber = '" + userNumber + "'";
					int row = statement.executeUpdate(sqlQuery); // 判断用户信息是否更新成功
					if (row == 1) {
						pw.print("0");
						pw.flush();
					}
				}else {
					pw.println("答案错误");
					pw.flush();
				}
			} else {
				pw.println("不存在此帐号");
				pw.flush();
			}
			//断开数据库连接
			statement.close();
		} catch (SQLException e) {
			e.printStackTrace();
		}
	}
}
